package com.shangcheng.server.interceptor;

import com.shangcheng.commons.utils.JwtUtils;
import com.shangcheng.model.domain.Admin;
import io.jsonwebtoken.Claims;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class TokenInterceptor implements HandlerInterceptor {
    
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        
        //1、获取请求头
        String token = request.getHeader("Authorization");
        //处理token
        token = token.replace("Bearer", "");
        //2、使用工具类，判断token是否有效
        boolean verifyToken = JwtUtils.verifyToken(token);
        //3、如果token失效，返回状态码401，拦截
        if(!verifyToken) {
            response.setStatus(401);
            return false;
        }
        //4、如果token正常可用，放行

        //解析token，获取id和手机号码，构造User对象，存入Threadlocal
        Claims claims = JwtUtils.getClaims(token);
        String username = (String) claims.get("username");
        Integer id = (Integer) claims.get("id");

        Admin admin = new Admin();
        admin.setId(Long.valueOf(id));
        admin.setUsername(username);
        UserHolder.set(admin);

        return true;
    }
}
